Waiting for an automated job still feels like waiting for a cron job to click a link, though, unless the attacker can trigger/inject the job.
ÂŻ\_(ă)_/ÂŻ
Waiting for an automated job still feels like waiting for a cron job to click a link, though, unless the attacker can trigger/inject the job.
ÂŻ\_(ă)_/ÂŻ
@jwildeboer And I still think that âwait for a user to print something to the malicious printerâ counts as âuser interactionâ, which many scores donât seem to reflect.
Attached: 1 image Might be worth calling out that this #cups #rce is dependent on the user sending a print job to the injected/manipulated printer. In my book, that counts as "user interaction", and would yield a CVSS score of CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L => 8.8
Mastodon đ (mstdn.social)
Every career path in tech:
"At this point in your career, your only possible promotion is to management, where you will stop doing the work you love and use a skill set you donât have and we donât teach."